Protection and Prevention

You should never install anything from someone you don't trust. However,
following this banal rule isn't always enough; some vulnerabilities are a
result of programming errors within the device itself.

The first protection is to be a cautious user. Antivirus products are often
there just to protect users from themselves. However, at times new viruses are
created that break through traditional protections. For example, many users
might forget to suspect a Bluetooth virus, simply because it's not yet a
common form of infection. Your best defense is to maintain a high index of
suspicion at all times.

In addition, it's best to keep the OS software current on your mobile
device. This practice can help eliminate the same kind of risks that Windows XP
users face. Unfortunately, updating a mobile device often requires a complete
loss of data and can be a technically challenging project (for example,
reflashing the ROM). Plus, even if it's easy, as is the case with Windows
XP, most users simply ignore or don't know about patches and updates. In
other words, if a user can't keep his desktop updated, he probably
won't update his mobile phone or PDA.

With Windows-based PCs, patches are more or less homogeneous to the device.
Not so in the mobile world. There are many flavors of embedded operating
systems. For example, Platform Builder allows any manufacturer to compile its
own custom OEM version of the Windows Mobile operating system. There are as many
flavors of Windows Mobile as there are OEMs. In this case, a uniform security
patch from Microsoft could break millions of devices, even if the patch
worked correctly, which hasn't always been the case lately. Thus, there are
even more challenges when dealing with mobile device security.

This concludes our brief analysis of the Mosquito Trojan. We welcome input
from others who may have more experience in embedded reverse engineering. For
those looking to enter research in this field, the References section lists
other books and articles that we've written on ARM-based reverse
engineering.

Although the Mosquito Trojan is more of an annoyance than a real threat, it
demonstrates that cell phone malware is a growing problem. As we've seen,
the 911 virus in Tokyo knocked out the city's public emergency services
number. With a growing variety of malware attacking a growing number of mobile
devices, future attacks could be worse.